Rerouter

Got this from AVG:

A potential threat for broadband routers has been announced. The exploit is popularly called "Drive-by Pharming". This new threat has the potential to allow an attacker to gain control over a user's broadband router and home network thus allowing the attacker to steal private information, install malware, or use the home network to distribute spam. The attacker would do this by creating a web site that pretended to be a legitimate web site such as a bank or online shopping site. When a user visited the site, malicious JavaScript embedded in the site would then launch and reconfigure the router to use the attacker's DNS servers instead of those prescribed by the user's ISP. DNS servers are similar to directories that cross reference information, similar to phone books. All computers on the internet have a numerical reference called an IP address. DNS servers cross reference web site names (www.someplace.com) to the numerical address. Therefore, once the router is reconfigured, the attacker can redirect any name entered to a malicious site of his choice.

While there are no known cases of this particular exploit actually in use, proof of concept code has shown it to be possible and effective. Fortunately, simply changing the default administrative password of the router easily mitigates the risk! All broadband routers are shipped with an administrative account and a default password, usually something like "password" or "admin" and most users never change these to a stronger password. This is a relatively easy task, the user would just need to log into the router's IP address (usually something like 192.168.0.1 or 192.168.1.1) and log in with the default password - see the documentation or go to one of the online databases such as http://www.routerpasswords.com to determine the password. Then set a new password and you have mitigated the risk!

Make a Mark

Backup Offer

Carbonite finished the backup of my audio files a few days ago. I started the trial a couple of weeks back. Couldn't keep it running all the time, but I had it up most of the time. So now there's 18 gig (yeah, 18 gig) of digital audio backed up on the Carbonite servers.

I like the system - while you can't backup network drives, or anything but local drives on a windows installation (as far as I know) - it does seem useful as a backup for things you keep on your local machine. In my case, the source files for the recordings I'm working on when I record outside the studio.

So a good choice if you travel with your work, when your documents are on your laptop. And if you're a single computer user without local network storage.

Important Stuff

It uses javascript to encrypt your data before sending it to the storage server, so the data should be safe.

I'm toying with the same kind of idea for my client's remote backups. I can't guarantee that the web servers I rent have the security needed to protect their sensitive files, but that doesn't matter if the data is encrypted before it's sent, it should be fine.

(c) 2004-2005 timlytle.net ltd. Site managed and hosted by timlytle.net ltd.Feel free to contact us by e-mail, contact@timlytle.net, or phone, 1-877-tim-lytle.And if you're in the area stop by, we'll hit McDonalds and get something off the dollar menu.